On Sun, Jun 10, 2007 at 06:14:48PM +0200, Julien Danjou wrote:
> At 1181466754 time_t, Lo??c Minier wrote:
> > Hey,
> >
> > I've uploaded madwifi_0.9.2+r1842.20061207-2etch1 prepared by Kel
> > Modderman with the attached interdiff; it contains security fixes.
> > Please review and accept.
>
> Why is this not handled by security team?
They've asked the security team a number of times for an
update. Though the security team may have never formally said 'no' for
this one, I have seen members assert before that non-free updates need
to go through SRM. In lieu of a formal response from the security team
(I was not a member then), I sent the madwifi maintainers the
following response last time they asked:
On Thu, May 24, 2007 at 11:13:47AM -0600, dann frazier wrote:
> hey Kel,
> I've seen other people on the security team suggest that non-free
> updates go in via a stable update. In which case, I suggest forwarding
> this onto debian-release as described here:
> http://lists.debian.org/debian-devel-announce/2007/04/msg00005.html
Of course, the security FAQ suggests that the security team *would*
normally release advisories for non-free stuff, if someone else does
the rest of the work:
http://www.debian.org/security/faq#contrib
I'm now on the security team and I don't mind doing this advisory,
assuming there's no objections from the security team - nor do I have
any objections about introducing these fixes via stable instead.
--
dann frazier